HomeTech PlusMobile NewsGoogle Chrome for Android Gets a Zero-Day Vulnerability Fix Following Two Patches...

Google Chrome for Android Gets a Zero-Day Vulnerability Fix Following Two Patches on Desktop Version

Google has released a new Chrome for Android update to fix a zero-day flaw that is currently exploited in the wild. The new update arrives just days after Google fixed two zero-day vulnerabilities in the desktop version of its Chrome browser. Details related to the attack are not yet public as a majority of Chrome for Android users are yet to install the update. Alongside the security fixes that include those rolled out initially for desktop users, the latest Chrome update also includes stability and performance improvements.

The latest Chrome for Android update carries version number 86.0.4240.185 that includes fixes for a heap buffer overflow vulnerability, listed as CVE-2020-16010. The issue exists in the user interface (UI) component of the Web browser.

Google is aware of reports that an exploit for CVE-2020-16010 exists in the wild,” the company said in a blog post.

Google’s Project Zero team reported the highly severe vulnerability on October 31. Further, the Threat Analysis Group (TAG) at Google, responsible for tracking threat actors, has been credited for discovering the zero-day attacks related to Chrome for Android.

Details of the bug and its exploit are not yet revealed as the update is currently in its rollout process. However, Google said that the new version would become available for download through Google Play over the next few weeks.

Earlier this week, Google rolled out a security update for its Chrome browser on desktops that patched a zero-day vulnerability, tracked as CVE-2020-16009, that existed in JavaScript engine V8.

Prior to the last update, Google patched another zero-day issue affecting its Chrome desktop version last month. That vulnerability, identified as CVE-2020-15999, impacted the FreeType font rendering library of the browser.

It is unclear whether the three zero-day bugs discovered in the last one month are exploited by a single threat actor or multiple groups. Having said that, users on both Android and desktop versions of the Chrome browser are recommended to install the latest updates as soon as they are available.


Is Android One holding back Nokia smartphones in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

By Gadgets 360 Source Link

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img
spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS